depot

Author	SHA1	Message	Date
Luke Granger-Brown	07350a1d42	secretsmgr: fix up host header	2023-08-06 18:23:33 +01:00
Luke Granger-Brown	86f193d44a	secretsmgr: add bare hostnames everywhere	2023-05-26 17:39:01 +01:00
Luke Granger-Brown	429b4ce984	secretsmgr: sign also for bare hostname	2023-05-26 02:53:52 +01:00
Luke Granger-Brown	e9a2ac4980	go/secretsmgr: set group after deleting files	2022-06-25 17:35:23 +00:00
Luke Granger-Brown	7592e76a31	tokend: init tokend is responsible for issuing service-scoped tokens based on the token held and generated by the Vault Agent. It can also generate "server-user" scoped tokens, which exist for convenience's sake: they are not a strong attestation of the user on the machine, and have limited privileges compared to a Vault token issued using e.g. `vault login -method=oidc`.	2022-03-20 17:47:52 +00:00
Luke Granger-Brown	b719181dfe	nixos: migrate to secretsmgr for sshd and ACME	2022-03-17 23:31:55 +00:00
Luke Granger-Brown	037c6f0fd8	go/secretsmgr: add support for ACME certificate issuance	2022-03-17 01:26:18 +00:00
Luke Granger-Brown	165fc4559c	go/secretsmgr: init Currently this only handles signing SSH certificates, but let's see where we go from here.	2022-03-15 03:07:34 +00:00